What’s interesting in this document? First of all, Josh Zelonis and co-authors presented their version of VM products evolution. It consists of this steps (I have reformulated them a bit for the copyright reasons) :

Not so long time ago Gartner’s report “Vulnerability Management an essential piece of the security puzzle” has become publicly available. Now you can read it for free by filling out a questionnaire on F-Secure website.

Talking about the document, I would like, firstly, to thank Gartner. Do you know who writes most articles about VM? Of course, VM vendors. And we all understand that their main goal is to promote their own products. Reports of independent consulting firms, primarily IDC, Forrester and Gartner, allow us to get some balanced view from the side. It is very important.

This post will be about API of F-Secure Radar. API become a crucial feature when you have to scan a range of thousands hosts and you can’t just add it in one Vulnerability Scanning task. As I mentioned earlier in “F-Secure Radar Vulnerability Management solution” Vulnerability Scanning in Radar is for known active IPs only, for ranges – Discovery Scans. Basically, in F-Secure Radar there is always one vulnerability scan for one host. Unusual concept, but it have some advantages. And it’s quite convenient when you work with Radar via API.

So, my plan for this post is to get active IPs from discovery scan report, create vulnerability scans, run them and get reports. All using API.

To use API you need to get API key at “F-Secure Radar -> Settings -> My profile”.

To get vulnerability report you should open Reporting Tab. As you can see, Radar supports reports for single scan results and summary reports. I don’t actually a big fan of standard vulnerability summary reports, because in practice you will always need to change something in them, and it’s impossible in most cases.

I have filtered only Linux OS scans using filter. You can also filter by friendly name (some id, that you can set manually), host name/ip , time of scanning, responsible person, severity level, scan group or even by scan tags.

Meta

This is my personal blog. The opinions expressed here are my own and not of my employer. All product names, logos, and brands are property of their respective owners. All company, product and service names used here for identification purposes only. Use of these names, logos, and brands does not imply endorsement. You can freely use materials of this site, but it would be nice if you place a link on https://avleonov.com and send message about it at me@avleonov.com or contact me any other way.